package com.zoweunion.mechanic.controller;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authz.annotation.Logical;
import org.apache.shiro.authz.annotation.RequiresAuthentication;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseStatus;
import org.springframework.web.bind.annotation.RestController;

import com.zoweunion.mechanic.model.ResponseBean;
import com.zoweunion.mechanic.service.base.UserService;

@RestController
public class ShiroTest extends BaseController{
	
	@Autowired
    private UserService userService;


   /* @PostMapping("/login")
    public ResponseBean login(@RequestParam("username") String username,
                              @RequestParam("password") String password) {
        User user = userService.getUserByAccount(username);
        if(user==null) {
        	return new ResponseBean(401, "该用户不存在",null);
        }
        if (!user.getPassword().equals(password)) {
            return new ResponseBean(401, "用户名或密码错误", null);
        } else {
        	return new ResponseBean(200, "Login success", JWTUtil.sign(username, password));
        }
    }*/

    @GetMapping("/article")
    public ResponseBean article() {
        Subject subject = SecurityUtils.getSubject();
        if (subject.isAuthenticated()) {
            return new ResponseBean(200, "已登陆", null);
        } else {
            return new ResponseBean(200, "游客", null);
        }
    }

    @GetMapping("/require_auth")
    @RequiresAuthentication
    public ResponseBean requireAuth() {
        return new ResponseBean(200, "已认证", null);
    }

    @GetMapping("/require_role")
    @RequiresRoles(value= {"管理员"})
    public ResponseBean requireRole() {
        return new ResponseBean(200, "管理员", null);
    }

    @GetMapping("/require_permission")
    @RequiresPermissions(logical = Logical.OR, value = {"账户管理","车主注册"})
    public ResponseBean requirePermission() {
        return new ResponseBean(200, "您拥有车主注册权限", null);
    }

    @RequestMapping(path = "/401")
    @ResponseStatus(HttpStatus.UNAUTHORIZED)
    public ResponseBean unauthorized() {
        return new ResponseBean(401, "未授权", null);
    }
    
    
}
